Tamper resistance of Chip & PIN (EMV) terminals

Executive summary

We demonstrate how fraudsters could collect card details and PINs,
despite the victims taking all due care to protect their information. This
means that customers should not automatically be considered liable
for fraud, simply because the PIN was used. Even though a customer's
PIN might have been compromised, this is not conclusive evidence that
he or she has been negligent.

Background

EMV (named after its founders Europay, Mastercard and Visa) is the standard specifying how payment smartcards communicate with the terminals in shops.
In the UK, the system based around EMV is known as Chip & PIN.
The Chip & PIN terminals used are said to be “tamper resistant”, which they are only to the extent that they protect the banks, not the customer.

To demonstrate this we have purchased a Chip & PIN terminal from eBay and modified it such that it is completely under our control.
To show that this is indeed the case, we have made it play Tetris.
You may watch a video of our Tetris playing terminal on YouTube or a better quality version on our group's weblog.

Questions and answers

What exactly did you demonstrate and how did you do it?

We demonstrated that a Chip & PIN terminal can be opened, its
internal hardware replaced, and that it can be re-assembled without external evidence.
We also demonstrated that with the new internal hardware, everything is under our control: the card reader, the LCD display and the keypad.
This means that the card reader can record information from the chip and display it on the screen.
The data from the keypad, such as a PIN, can also be recorded.

We purchased a Chip & PIN terminal from eBay and removed most of the
internal components but left the screen, keyboard and card reader
intact, such that to a customer it looked unchanged.
Then we added our own electronics which controlled the screen,
keyboard and card reader.
Since we designed the new electronics ourselves, we could write
software which made the terminal appear to behave just like a normal Chip &
PIN terminal while collecting the card details and PINs entered.

How can such a fake terminal benefit a criminal?

The card details that may be collected with such a terminal would allow us to make cards with a fake magnetic stripe, which, along with the PIN, would allow a fraudster to make purchases abroad, as
confirmed by APACS. We have also found that magnetic stripe counterfeits work in many UK ATMs.
Fraudsters could also make cards with fake chips, which would work in
offline transactions (ones where the merchant does not phone the bank
to verify the card is legitimate). According to the Daily Mail 20% of transactions in the UK are offline.
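To make concrete what “card details” a reader can log from the chip (the data the card reader records in the demonstration above) and why they map directly onto a magnetic stripe, here is an added example that is not code from the original page or from the authors' terminal. It parses the BER-TLV encoding EMV uses for a READ RECORD response and extracts the Track 2 Equivalent Data, PAN, expiry, service code and cardholder name. The sample record is constructed for illustration, not captured from a real card; the tag numbers and names are the standard EMV ones, and the service-code interpretation follows ISO/IEC 7813.

```python
"""
Parse the BER-TLV data an EMV card returns to READ RECORD and extract the
account data a rogue terminal could log.  Added example; the sample record
below is constructed, not read from a real card.
"""
from __future__ import annotations

# Standard EMV tag names; anything else is reported by number.
TAG_NAMES = {
    0x70: "READ RECORD Response Message Template",
    0x57: "Track 2 Equivalent Data",
    0x5A: "Application Primary Account Number (PAN)",
    0x5F20: "Cardholder Name",
    0x5F24: "Application Expiration Date",
    0x5F30: "Service Code",
}


def encode_tlv(tag: int, value: bytes) -> bytes:
    """Build one BER-TLV object (used here only to construct the sample)."""
    tag_bytes = tag.to_bytes((tag.bit_length() + 7) // 8, "big")
    if len(value) < 0x80:
        length = bytes([len(value)])
    else:
        n = (len(value).bit_length() + 7) // 8
        length = bytes([0x80 | n]) + len(value).to_bytes(n, "big")
    return tag_bytes + length + value


def parse_tlv(data: bytes) -> list[dict]:
    """Decode BER-TLV into nested {tag, value, children} dicts."""
    items, i = [], 0
    while i < len(data):
        if data[i] in (0x00, 0xFF):        # filler bytes allowed between objects
            i += 1
            continue
        start, first = i, data[i]
        i += 1
        if first & 0x1F == 0x1F:           # multi-byte tag: continues while bit 8 set
            while data[i] & 0x80:
                i += 1
            i += 1
        tag = int.from_bytes(data[start:i], "big")
        length = data[i]
        i += 1
        if length & 0x80:                  # long form: low 7 bits = count of length bytes
            n = length & 0x7F
            length = int.from_bytes(data[i:i + n], "big")
            i += n
        value = data[i:i + length]
        if len(value) != length:
            raise ValueError(f"truncated value for tag {tag:X}")
        i += length
        children = parse_tlv(value) if first & 0x20 else []   # bit 6 = constructed
        items.append({"tag": tag, "value": value, "children": children})
    return items


def primitive_fields(items: list[dict]) -> dict[int, bytes]:
    """Flatten nested TLV into {tag: value} for the primitive data objects."""
    fields: dict[int, bytes] = {}
    for item in items:
        if item["children"]:
            fields.update(primitive_fields(item["children"]))
        else:
            fields[item["tag"]] = item["value"]
    return fields


def luhn_ok(pan: str) -> bool:
    """Luhn check digit test, as used for card numbers."""
    total = 0
    for pos, ch in enumerate(reversed(pan)):
        d = int(ch)
        if pos % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def decode_track2(value: bytes) -> dict:
    """Track 2 Equivalent Data is BCD: PAN, 'D' separator, YYMM expiry,
    3-digit service code, discretionary data, padded to a byte with 'F'.
    On a magnetic stripe the same fields appear with '=' as separator."""
    digits = value.hex().upper().rstrip("F")
    pan, sep, rest = digits.partition("D")
    if not sep or not pan.isdigit():
        raise ValueError("malformed Track 2 Equivalent Data")
    return {
        "pan": pan,
        "expiry": rest[:4],
        "service_code": rest[4:7],
        "discretionary": rest[7:],
        # ISO/IEC 7813: first service-code digit 2 or 6 means a chip is present
        # and should be used where the terminal supports it.
        "chip_preferred": rest[4:5] in ("2", "6"),
    }


def extract_card_data(record: bytes) -> dict:
    """Collect the fields a terminal can read from the chip record."""
    fields = primitive_fields(parse_tlv(record))
    out: dict = {}
    if 0x57 in fields:
        out.update(decode_track2(fields[0x57]))
    if 0x5A in fields:
        pan = fields[0x5A].hex().upper().rstrip("F")
        out["pan_5a"] = pan
        out["pan_consistent"] = out.get("pan", pan) == pan   # tag 57 vs tag 5A agree?
    if 0x5F20 in fields:
        out["name"] = fields[0x5F20].decode("ascii").strip()
    if 0x5F24 in fields:
        out["expiry_5f24"] = fields[0x5F24].hex()             # YYMMDD
    if 0x5F30 in fields:
        out["service_code_5f30"] = fields[0x5F30].hex()[-3:]
    out["luhn_ok"] = luhn_ok(out.get("pan", out.get("pan_5a", "0")))
    return out


# Constructed sample (not from a real card): a READ RECORD response template
# wrapping the usual account data objects.
SAMPLE_RECORD = encode_tlv(
    0x70,
    encode_tlv(0x57, bytes.fromhex("4111111111111111D0912201123456789F"))
    + encode_tlv(0x5A, bytes.fromhex("4111111111111111"))
    + encode_tlv(0x5F20, b"SMITH/JOHN")
    + encode_tlv(0x5F24, bytes.fromhex("091231"))
    + encode_tlv(0x5F30, bytes.fromhex("0201")),
)

if __name__ == "__main__":
    for key, val in extract_card_data(SAMPLE_RECORD).items():
        print(f"{key:18} {val}")
```

The point the parser makes is that the record is plain, unauthenticated data: everything needed for a magnetic-stripe counterfeit (PAN, expiry, service code, discretionary data) sits in tag 57 in the same layout as track 2, and a reader obtains it without the PIN or any cryptographic exchange with the card.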

That said, at the moment there are likely easier ways to commit fraud. Since
criminals will take the easiest route to making money, this could
remain uncommon for a while. As banks close off other loopholes that
criminals are currently exploiting, fraudsters could begin adopting
techniques similar to the one we discuss here.

A fake terminal can also be used as part of a “relay attack”, allowing fraudulent chip transactions to be placed. Further details are available on our page: “Chip & PIN (EMV) relay attacks”.

Can a fake terminal be used on the “high street”?

The environment in which such a terminal would be placed will vary, but
the attack can potentially be carried out anywhere that strict mechanisms
to prevent it, such as regular inspections of the equipment, are not enforced.
Retailers should be diligent in checking that none of their terminals
have been altered or replaced with fake ones.
The replacement could be performed by a corrupt employee or by someone
posing as a service technician. This, of course, assumes that the
merchant is not corrupt.

We estimate that the equipment needed to perform this attack costs less than £250, and is easily available from online
electronics shops. Everything we used is general purpose hardware
with many legitimate uses, so buying it should not raise suspicion.
Only moderate technical skill in electronics is needed, and it took
around a month for us to build and test the equipment. After this
stage, building any subsequent fake terminals would be much cheaper
and faster, probably taking less than a day each.

Similar attacks have been seen in practice, such as
the Shell Chip &
PIN fraud in May 2006. The details of this are still unclear
so we are not sure whether they replaced the insides of the terminal
(as we did) or somehow modified the existing hardware to collect card
details and PINs.

Is there anything customers could do to protect
themselves?

Customers have no way to identify whether a terminal is real or fake.
There are many different kinds of terminals out there with no way to verify their legitimacy (84 manufacturers and 292 terminals, as of January 2007).
The tamper resistance in terminals stops a tampered terminal from communicating with the bank, but does not leave any external marks that could be observed by the user. Even if such marks existed, the entire user population would need to be trained to look for them, which is infeasible.
In reality, the tamper resistance protects the banks, not the customers.

How safe, in general, are the Chip & PIN terminals?

While the terminals themselves incorporate some tamper-detection mechanisms, the vulnerabilities lie in the Chip & PIN system, rather than individual terminals.
The security of the Chip & PIN system is built on the underlying premise that customers and merchants can trust
terminals they interact with. We have shown this to be false.

The new risk to victims of fraud is that the banks are taking the
position that if a PIN was used for a transaction, the customer must
be liable. This is based on the belief, despite repeated demonstrations otherwise, that Chip & PIN is infallible.
The problem, then, is not that Chip & PIN is insecure (it is more secure
than the magnetic stripe it replaced), but that there is a very wide gap between
its perceived and actual security.

Is it a problem that the terminal you used is not approved by the banks?

Although our prototype uses a terminal which is not approved in the UK, this is not relevant to the security problem at hand. The right question to ask is whether customers would know it isn't approved and refuse to insert their card and enter their PIN into the terminal; the answer to this question is no.
There are so many different types of terminals currently in use that customers cannot reasonably be expected to remember them all.
If the fraudster wished to make an identical terminal, even approved, tamper-resistant terminals can easily be modified in the same way, simply by removing their electronics as we have done.
Alternatively, the fraudster could build a new plastic enclosure identical to those of commercially available Chip & PIN terminals.
This option would not be as cheap, but the cost could be easily recouped by just a few fraudulent transactions.

Are there other ways to tamper with the machines?

The terminals do incorporate anti-tampering protection, but when
triggered it only prevents the terminal from processing real transactions.
Since we only implemented collecting card details, and cards will
reveal these to anyone, these protections were no obstacle. Tampered
or not, to a customer the terminal will look, and behave, just as
normal.
However, if fraudsters wanted to keep the terminal operating normally
from the bank's perspective (i.e. the legitimate transactions go through), they could attempt to bypass the tamper
protection mechanisms. With access to a few terminals to experiment
on, this is likely to be feasible for a sufficiently motivated, funded, and
creative criminal.

Why were they introduced if they are unsafe?

Chip & PIN allows the banks to shift liability for fraud from
themselves onto customers. We described this in a paper “Chip and
Spin” in March 2005.
Whereas with signature based transactions, it
is on the bank to prove the customer authorised the payment, with PIN
based transactions, the banks are assuming the customer is liable
unless the customer can show otherwise.

We have seen the impact of this move in the increasing number of
complaints from victims of fraud that their bank claims that, since a PIN
was used, either the customer was negligent in protecting their PIN,
or they were attempting to defraud the bank by making false claims.

Our demonstration shows that even customers who are very careful in
using their Chip & PIN card can have their PIN and account details
recorded.

Why are you doing this work?

Our goal is to reduce fraud. By discussing potential
vulnerabilities in Chip & PIN we hope to raise awareness and so help
merchants and banks detect when this fraud is being perpetrated.
Also, this work could motivate future improvement to Chip & PIN
to resist these types of attack. Finally, we hope this page will
clarify some misconceptions over the actual security of Chip &
PIN, and help the victims of fraud demonstrate their case to be
refunded.

How is it different from the “interceptor”?

The interceptor listens in on the communication between the card and the terminal, and can also modify the transaction.
Our current demonstration simply creates a legitimate-looking fake terminal that emulates a real one.